A set of middle ware programs and tools that provide the underlying base that enable applications to be inter-operable across operating systems. SAP Basis includes a RDBMS, GUI, and client server architecture. It's a piece of middle ware which links the application with the database and the operating system. Basis is most commonly associated with the GUI interface to the SAP.

Pages

November 8, 2012

Single Sign On Configuration

Single Sign On Configuration1.Ensure host file of both
abap and portal server contain the full DNS hostname of the server (eg: abcdprd.sapserver.com)2. Ensure that there is entry
in the services file for the gateway service on both servers (sapgw00
3300/tcp)3. Logon to Portal (URL: http://abcdprd.sapserver.com:50000/irj/portal
using administrator user id and
password.4.Go to -> System administration -> stem configuration -> Keystore Administrator

Note:
Steps no. 4 & 5 may not be necessary, with WAS 640 SAP Cryptographic
library is already present in the kernel directory.8. On ABAP system set profile
parameters to accept and create SAPLOGON tickets. login/create_sso2_ticket
= 2

~LOGIN ~PASSWORD ~COOKIES 115. For 6.20 System, go to the
ITS directory under services folder edit the file global.srvc and ensure
following parameters are set.

~mysapcomusesso2cookie 1

~login

~password

~cookies 1

Restart ITS for 6.20

UME Configuration. (Change UME User store to an ABAP Database)

17. Create J2EE_GUEST and
SAPJSF_EPD user in ABAP System as communication user, Role for SAPJSF user
SAP_BC_JSF_COMMUNICATION, SAP_BC_JSF_COMMUNICATION_RO and SAP_BC_USR_CUA_CLIENT_RFC
(only needed is CUA is in use)

Note:
Generate above two roles after user assignment18.Do not assign any role to
J2EE_GUEST.19. Ensure that the users
defined in ABAP System are not already available in EP. (Delete the users
in EP if required of vice versa)

ume.logon.security_policy.oldpass_in_newpass_allowed
= FALSE

ume.logon.security_policy.password_max_length
= 8

ume.logon.security_policy.useridmaxlength
= 12

(dataSourceConfiguration_r3_rw.xml
à This template is used for read
write on both portal and ERP side – We have set this for ECC in DMS)

ume.r3.connection.master.ashost
= mdecctst.corp.mahindra.com

ume.r3.connection.master.client
= 300

ume.r3.connection.master.user
= SAPJSF_EPD

ume.r3.connection.master.passwd
= ******

ume.r3.connection.master.sysnr
= 00

21. Restart EP.

Problem
encountered:

22. mshost problem reported
while starting EP. Problem was because we has defined ume.r3.connection.master.r3name
(this parameter is only to be specified if using Logon Groups)23. J2EE_GUEST was not created
in ABAP Database. EP refused to start.24. Some users were being
reported twice in the user management screen in EP. This was because
identical users were present in both EP and ABAP before changing the UME config. Deleted the EP User from EP.

User
SAPJSF_EPP has no RFC authorization for function group SYS Role
generation problem

Testing:

Logon
with a user – created in abap (this user should not have been created earlier
in portal)